Cross site script attack karke website kaise hack kare kali linux Ki Madad Se Complete Tutorial

0
410

Cross Site Script Se Website Kaise Hack Kare Is Article me ham specially bat karenge kaise ham XSS attacks ka use karte hai aaj ka yah post  bahut khass hai kyoki iss post me ham proffessional tarike se attacking ka trick btayenge so iss trick pe aap jitna ho sake otna focus kijye or Cross Site Script Se Website Kaise Hack Kare ko ache se samjhne ki kossis kijiyega Cross Site Script Se Website Kaise Hack Kare me ham puri tarah se website hack karne ke bare me janenge iss method se ham aasani kisi v website par attack kar sakte hai to aap Cross Site Script Se Website Kaise Hack Kare iss article ko ache se follow kare

IS-TRICK-KE-LIYE-KYA-KYA-BASIC-JANKARI-HONI-CHAHIYE

Cross Site Script Se Website Kaise Hack Kare ye ek coading wala trick hai to iske liye aapko HTML , JAVASCRIPT , PHP , KALI LINUX ka basic jankari to aapko hona h chahiye kyoki iske bare me agar aap ache se jan jayenge to aapko bhut h aasani hogi iss post ko samjhne ke liye but agar aap in sab chijo ki jankari nhiv rakhte hai to koi bat nhi hai but oske liye aapko iss post ko bahut h dhyan se padhna padega taki isko aap samjh sako .

Cross Site Script Se Website Kaise Hack Kare Trick me ham DVWA App se Attack karenge to sabse pahle agar aapke pass DVWA app nhi hai to aap iss link se DVWA app download karle or fir next step pe badhte hai

DVWA DOWNLOAD LINK

cross site scripting ko XSS attacks ke nam se v jana jata hai or ye bahut h dengerous attack hota hai hackers iska istemal commonlly web application se h karte hai or xss ek common vulnerable hai . xss vulnerable tool aam toar pe fake login pages ya hijecking etc ke liye use kiya jata hai to ab ham Cross Site Script Se Website Kaise Hack Kare ke steps ke bare me janenge.

 

HACKERS-XSS-KE-SATH-KYA-KARTE-HAI

Steal cookies , redirect to another website , session hijecking , spread malware or v bahut kuch to issi bat se aap andaja laga lijiye ki XSS hamare kitna kam ka tool hai iski madad se ham kisi v vulnearble website ko puri tarah se damage kar sakte hai waise isko hacking ke liye nhi banaya gya tha but kali linux ki wajah se isko hame aasani hoti hai hacking me use karne ke liye

XSS-KITNE-TYPE-KE-HOTE-HAI

xss two type ke hote hai 

Reflected xss attack

Stored Xss attack

REFLECTED-XSS-ATTACK

Reflacted xss attack ka ek simple sa example ye hai ki isse ham script bana kar apne script ka url jo ki http me hoga wo kisi dusre server pe send kar sakte or jo response oss server se aayega wo hamare script pe show karne lagega reflected xss se ham kisi v site ko chit karke hack kar sakte hai isko achi tarah se samjhane ke liye ham yaha pe ek example kar ke dikhayenge jisse aapke dought clear ho jayenge iss example ki help se aap ye samjh paoge ki kaise ham reflected xss attack ko khud se kisi server pe try kar sakte hai .

To ham iske liye DVWA App use kar rhe hai kyoki ye hame ek local server deta hai jo ki sara kam legel tarike se karta hai iske bare me maine post likha hua hai oske padh le aap agar aapko nhi pata hai iske bare me to chaliye ab aap terminal ko open kijye or DVWA ko open karne se pahle hame Apache2 or Mysql Seervices ko open karna hai .

DVWA TOOL KO KAISE USE KARTE HAI

Aap apna kali linux me se terminal ko open kare or ye command deke aap apache 2 or mysql ko start karde apache or mysql pahle se h kali linux me installed hota hai to iske liye aapko alag se koi application download ki jarurat nahi hai aap pahle apache ko ye command deke start kare fir oske baad aap mysql ko v ye command deke start karde .


                                                          Start Apache 2 Service                                                               

      root@seven:~# service apache2 start                          


                                                                 Start mysql services.                                                            

            root@seven:~# service mysql start                                                        

STEP 1. Ab aap apna Browser ko open kre or ye  url ko past karke enter pe click karde http://localhost/dvwa/login.php or fir aap yaha pe id dal ke login karle.

Cross Site Script Se Website Kaise Hack Kare

STEP 2. jab hamara account logged in hojayega fir hame iska security level ko change kardena hai pahle se ye impossible hoga aapko isko change karke low pe set kardena hai.

Cross Site Script Se Website Kaise Hack Kare

STEP 3. Ab Aap menu me se reflacted attack ko select kare

Cross Site Script Se Website Kaise Hack Kare

STEP 4. ham isko test karne ke liye bilkul taiyar hai Ab aap yaha pe kuch javascript likhe jaisa ki niche picture me maine likha hai or fir ham osko test karne ke liye submit button press karenge .

Cross Site Script Se Website Kaise Hack Kare
Cross Site Script Se Website Kaise Hack Kare

STEP 5. jab ham submit button pe click karenge to agar return me ek alert box aayega fir iska matlab ye hai ki aapka code koi code nhi hai jo aapne submit kiya hai to iska matlab ye hua ki wo website vulnerable hai xss karne ke liye yaha pe aap dekh sakte hai ki hame alert box return me aaya hai.

ab aap apne url ko dekhe osme kuch url add hua hoga jo hamne type kiya tha

Cross Site Script Se Website Kaise Hack Kare

STEP 6. Ab aap dekh sakte hai ki hamara url integrated hai iska matlab ye hai ki ye ulr vulnerable hai jisko ham xss attack kar sakte hai ab ham kuch evil code likhenge jaise fake login page ya or koi v nam likh sakte hai or fir ye link osko send kijiye jiska password aapko hack karna hai.

Agar aap soch rahe hai ki aapka victim hosiyar hai is link ko dekh kar wo samjh jayega ki wo mujhe hack karega to aap apne url ko encode kar sakte hai ya kisi v url sorter se link chota kar sakte ho taki aapke victim ko iss link ke bare me pata na chal sake or wo ispe click karde.

XSS-STORED-ATTACK-KYA-HAI-OR-YE-KAM-KAISE-KARTA-HAI

Jaisa ki nam se h aapko pata chal raha stored attack to ye waise h kam karta hai jaha pe apna data ko store karke rakhte hai isse aap apne evil code ko website data se inject kar sakte hai iss method se jab aap kisi ko hack karenge to ye phising ki tarah kam karta hai jab users website pe visit karega jaha pe aap apna code ko inject kiya hua hai tab ye apna kam karne lagta hai or website ko hack karne lagta hai.

jyadatar hackers iska use comment box me karte hai kyoki comment box h sabse acha rasta hai jisse aap kisi v vulnearable website ke database me apna evel code ko insert kar sakte hai .

To chaliye ab ham aapko iske bare me bat karte hai ki ye use kaise karte hai niche se step ko follow kare .

STEP 1. Sabse pahle aap menu me jaye or osme se xss store pe click kare.

Cross Site Script Se Website Kaise Hack Kare

STEP 2.  Ab Aap  Name Or Massage fill karde massage box ke anadar aap apna javascript code ko dal sakte hai or fir dekhte hai kya hota hai.

Cross Site Script Se Website Kaise Hack Kare

STEP 3. Jab aap code ko dalenge to aapko kuch iss tarah h dikhega jaise ki mujhe dikh raha hai you will be promoted with an alert box aise h aap jo v javascript dalenge to waisa h aapko picture me show hoga iske liye aapko java-script ki jankari honi chahiye aap jab apne javascript ko bana ke isse insert kara ke kisi website ke comment box me comment karenge to ye code os website ke database me add hojayega.

STEP 4.  Ab jab v oss website ka owner oss website pe click karega bas aapko oss website ka pura detail mil jayega or ye sari detail aapki application me h store hongi mai aapko suggess karunga ki aap exploits,redirection pages, etc jaise pages h banaye ye otna deficult v nhi hai banana iske liye aapko thodi bahut javscript ki jankari honi chahiye

NOW-POST-IS-COMPLETED-HEREI-IS-SOME-TIPS

 

Cross Site Script Se Website Kaise Hack Kare

 

iss trick me hamne bataya hai ki kaise aap kali linux ki madad se DVWA ko use kar sakte hai kali linux ek hacking platform hai or dvwa ek coading tool hai to aap inn dono ko ek sath use karke website server ko hack karne ke liye use kar sakte hai wahi hamne iss post me aap logo ko bataya hai iss trick ka pura structure yahi hai ki kaise ham apache or mysql ko start karte hai or fir dvwa application ki madad se ham ek script banate hai or wo code ham osko send karte hai jisko hame hack karna hai to maine yaha pe bataya hai ki agar aapko website hack karna hai to aap website pe kisi v post me iss code ko inset kar sakte hai isse yah hoga ki jab users ispe click karega to aapko oski information dvwa application pe milegi iske liye aapko javascript ki knowladge hone ki jarurat hai agar aapko scrit banane me koi problem aarahi hai to aap mujhe comment karke bataye ham aapko cript banana sikhayenge hopu you will like my post agar aapko kahi kuch dought hai to aap hamse contact karke bataye.

LEAVE A REPLY

Please enter your comment!
Please enter your name here